<?php
session_start();
include 'connect/connect.php';
$tbl_name="login";
$username=$_POST['username']; 
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
session_register("username");
$_SESSION['username']=$username;
$_SESSION['type']="staff";
header("location:add_app.php");
}
else {
  header("location: index.php?status=wrong");  
//echo "Wrong Username or Password";
}
?>